EP 3293658 A1 20180314 - MALICIOUS THREAT DETECTION THROUGH TIME-SERIES GRAPH ANALYSIS

Title (en)

MALICIOUS THREAT DETECTION THROUGH TIME-SERIES GRAPH ANALYSIS

Title (de)

DETEKTION EINER BÖSARTIGEN BEDROHUNG DURCH ZEITSERIENGRAPHANALYSE

Title (fr)

DÉTECTION DE MENACES MALVEILLANTES PAR ANALYSE GRAPHIQUE DE SÉRIES CHRONOLOGIQUE

Publication

EP 3293658 A1 20180314 (EN)

Application

EP 17188295 A 20170829

Priority

US 201615264234 A 20160913

Abstract (en)

Malicious threat detection through time-series graph analysis, in which a data analysis device receives a data file comprising multiple log data entries. The log data entries include parameters associated with a computer network event in a computing network. The data analysis device produces a graphical model of the computing network based on at least one parameter included in the log data. The data analysis device also identifies a parameter associated with a node of the computer network represented by the graphical model, and performs a time-series analysis on the parameter. The data analysis device further determines, based on the time-series analysis on the parameter, at least one of an anomalous event associated with the computing network or a malicious event associated with the computing network.

IPC 8 full level

G06F 21/55 (2013.01); H04L 29/06 (2006.01)

CPC (source: EP US)

G06F 16/2477 (2018.12 - EP US); G06F 16/254 (2018.12 - EP US); G06F 21/552 (2013.01 - EP US); H04L 63/1416 (2013.01 - US); H04L 63/1425 (2013.01 - EP US); H04L 63/1433 (2013.01 - US); G06F 2201/81 (2013.01 - EP US); G06F 2201/835 (2013.01 - EP US); G06F 2201/86 (2013.01 - EP US)

Citation (search report)

[XI] US 9231962 B1 20160105 - YEN TING-FANG [US], et al
[XI] WO 2013184206 A2 20131212 - LOS ALAMOS NAT SECURITY LLC [US]
[XI] US 2015236935 A1 20150820 - BASSETT GABRIEL DAVID [US]

Designated contracting state (EPC)

AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

Designated extension state (EPC)

BA ME

DOCDB simple family (publication)

EP 3293658 A1 20180314; AU 2017224993 A1 20180329; AU 2017224993 B2 20181101; JP 2018061240 A 20180412; JP 6599946 B2 20191030; US 10476896 B2 20191112; US 11323460 B2 20220503; US 2018077175 A1 20180315; US 2020076836 A1 20200305

DOCDB simple family (application)

EP 17188295 A 20170829; AU 2017224993 A 20170904; JP 2017169649 A 20170904; US 201615264234 A 20160913; US 201916667990 A 20191030